package com.security.controller;

import com.security.utils.ThreadLocalUtil;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class TestController {
    /**
     * 测试方法，需要 CEO 角色才能访问
     * @return test
     */
    @PreAuthorize("hasRole('CEO')")
    @GetMapping("/test")
    public String test() {
        System.out.println(ThreadLocalUtil.get().toString());
        // AccountInfo(id=1, username=小明, phone=18735083572, email=1812297817@qq.com, roles=["ROLE_CEO", "ROLE_CFO"])
        return "test";
    }
}
